Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2007-08 Lockstep Technologies Pty Ltd Lockstep Stepwise Introduction to de-identification solution Stephen Wilson Lockstep Technologies Pty.

Published byStephany Morefield Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright © 2007-08 Lockstep Technologies Pty Ltd Lockstep Stepwise Introduction to de-identification solution Stephen Wilson Lockstep Technologies Pty."— Presentation transcript:

1 Copyright © 2007-08 Lockstep Technologies Pty Ltd Lockstep Stepwise Introduction to de-identification solution Stephen Wilson Lockstep Technologies Pty Ltd

2 Copyright © 2007-08 Lockstep Technologies Pty Ltd Now … What’s your full name? Your date of birth? Your billing address? The supplementary card holder? Your mother’s maiden name? Your credit limit? What’s the CCV number? Now … What’s your full name? Your date of birth? Your billing address? The supplementary card holder? Your mother’s maiden name? Your credit limit? What’s the CCV number? Our numbers are under attack! Good morning Madam. Can I start with your account number please? Sure, it’s 123456 OK, thanks for that. The more personal details we divulge to prove our identity, the greater the leakage and the risk gets worse!

3 Copyright © 2007-08 Lockstep Technologies Pty Ltd Meds: Anti-coagulant Notarised by: Dr Blogs Issued on: Health & Welfare Access Card CCN. 4000 1234 5678 9012 Issued by: Acme Bank Issued on: Gold Credit Card Safety in numbers! When a number is quoted on its own, nobody can tell if it’s real, or stolen and replayed, or simply made up. Stepwise encapsulates personal data – like a credit card number or any customer reference number – with a two- fold “pedigree”. Firstly, Stepwise shows who issued the number in the first place, to prove its bona fides. Secondly, Stepwise names the particular type of personal security device on which the data has been carried, and thus safeguarded against theft or replay. Other types of important personal data can have their pedigree similarly assured. For instance, medications data can be notarised by a qualified healthcare professional and secreted on a smartcard.

4 Copyright © 2007-08 Lockstep Technologies Pty Ltd Benefits of Stepwise In e-government: Eliminates the major political risks associated with privacy fears Transforms ID cards into friend of the citizen, not agent of government Creates a potent strategic weapon against identity theft; demonstrates government leadership Increases confidence in government online Increases card utility card with e.g. health identifiers, proof-of-age etc. Brings new revenue potential through commercial applications enabled by privacy architecture; enhances ROI on smartcards Transparent, uncomplicated security model, readily verifiable, and capable of attracting cross-sector support from diverse stakeholders.

5 Copyright © 2007-08 Lockstep Technologies Pty Ltd Benefits of Stepwise In e-commerce and payments: Vastly improved customer experience: simpler, faster, ATM-like Greatly reduced risk of Card Not Present payments fraud Increased confidence in shopping online Radically better privacy protection, reduced disclosure of extraneous personal details; reduced incentive for identity theft For e-merchants – better compliance with PCI obligations, lower cost For e-merchants & banks – simpler, lower cost implementation; less reliance on centralised authentication servers For banks – enhanced ROI on Chip-and-PIN (EMV) cards.

6 Copyright © 2007-08 Lockstep Technologies Pty Ltd A/C No. 123456 Acme Bank Access Card CRN 123456789 Govt Agency B Access Card UHI 11112222 Health Dept Access Card Pt ID 987654321 Health D/B Access Card Policy 000777xzy Insurance Access Card Meds: Anti-coagulant Dr Blogs Access Card CRN AAA999999 Govt Agency A Access Card Allergies: Penicillin Dr Blogs Access Card Identifiers and personal data encapsulated by Stepwise cannot be cloned, faked, or copied every capsule bears a tamper-proof pedigree, proving its data is authentic, was carried in an authentic smartcard, and was presented with the consent of the cardholder encapsulated data can be verified offline additional capsules can be added at anytime, memory allowing. Multiple Stepwise capsules

7 Copyright © 2007-08 Lockstep Technologies Pty Ltd Doctor’s surgery Patient Notes Patient : John Citizen Local ID: 1234 Age56 Next Kin:Joan Smith Notes: Angina BP:140/100 Cholesterol:7.1 Prescribe: Sotalol Sched fee:$40.00 Doctor fee: $60.00 Gap: $20.00 Patient Notes Patient : John Citizen Local ID: 1234 Age56 Next Kin:Joan Smith Notes: Angina BP:140/100 Cholesterol:7.1 Prescribe: Sotalol Sched fee:$40.00 Doctor fee: $60.00 Gap: $20.00 Govt Claim Date 2007/03/06 Provider No.: 999999 Item 666 Govt Agency A CRN AAA999999 Transaction de-identification Stepwise capsules are bound to transactions through standard digital signatures. Each transaction bears the minimum personal data needed to authorise it, with no extraneous personal details. The contents of each capsule are “baked in” so their integrity can be verified by the receiver quickly and simply, offline.

8 Copyright © 2007-08 Lockstep Technologies Pty Ltd Home Order Date 2007/03/06 Item: 999 Amt $ 575.00 Merchant 4000 1234 5678 9012 Solving Card Not Present fraud CCN. 4000 1234 5678 9012 Issued by: Acme Bank Issued on: Gold Credit Card A Stepwise capsule issued by a bank to an EMV (Chip and PIN) smartcard can protect credit card numbers presented over the Internet. Each payment transaction bears an indelible copy of the genuine credit card number, ‘sealed’ by the smartcard. The number cannot be replayed against the merchant site by a fraudster.

9 Copyright © 2007-08 Lockstep Technologies Pty Ltd Notification Date 2007/03/06 Provider No.: 999999 Condition xyz Event Summary Sotalol Angine BP: 140/100 Chol: 7.1 Doctor’s surgery Patient Notes Patient : John Citizen Local ID: 1234 Age56 Next Kin:Joan Smith Notes: Angina BP:140/100 Cholesterol:7.1 Prescribe: Sotalol Sched fee:$40.00 Doctor fee: $60.00 Gap: $20.00 Patient Notes Patient : John Citizen Local ID: 1234 Age56 Next Kin:Joan Smith Notes: Angina BP:140/100 Cholesterol:7.1 Prescribe: Sotalol Sched fee:$40.00 Doctor fee: $60.00 Gap: $20.00 Govt Claim Date 2007/03/06 Provider No.: 999999 Item 666 CRN 123456789 CRN AAA999999 Insurance Claim Date 2007/03/06 Provider No.: 999999 Item abcdef Policy 000777xyz Health Record Govt Agency B Govt Agency A Insurance Company UHI 11112222 Deidentification Stepwise secured transactions cannot be cross linked. Each uses the relevant ID or customer reference number. There is no leakage of personal data between transactions or receivers.

10 Copyright © 2007-08 Lockstep Technologies Pty Ltd Home Registration Nickname: Bruce Online Social Networking service “Holder is Over 18” Anonymous Proof of Age An anonymous Stepwise capsule issued by a government agency can carry a simple tamper proof notarisation of the cardholder’s age, revealing no other personal information. The proof-of-age could be used when registering for age-restricted services (either adults or minors). Or it could be displayed by a handheld device at nightclubs and the like. Similarly, a capsule could also contain a photograph. “Holder is Over 18” Issued by: Government Agency Issued on: ID Card

11 Copyright © 2007-08 Lockstep Technologies Pty Ltd Technically, the three way binding of a card holder, a piece of personal data, and the issuer or notary of that data, is achieved using anonymous digital certificates. In the example, a bank has issued one of its customer with a digital certificate that identifies only their credit card number 4000 1234 5678 9012. The Public Key in the certificate is associated with a unique Private Key generated and stored within the customer’s EMV smartcard. The certificate is signed by the bank, which will only issue this type of certificates to known customers holding current credit cards. Thus it is impossible to clone or counterfeit a Stepwise certificate – because each of them is linked to a different private key secreted inside a smartcard – or to substitute the name of another issuer or notary of the data – because each certificate is digitally signed. A conventional digital identity certificate will contain a complex “distinguished name” for the Subject, including their full name, nickname, e-mail address, organisation affiliations and so on. The Stepwise certificate on the other hand holds only a pseudonym, such as the credit card number, or any other Customer Reference Number, identifier, biometric template, or personal data. Note that the Certification Path can be used to create a chain of command from the issuer back to the peak scheme owner, adding an additional level of “branding” to each capsule. For example, the certificate issuer used to create Dr Blogs’ medic alerts could itself be signed by DHS, for added security against unauthorised issuers of data to Access Cards. How Stepwise capsules are created using anonymous digital certificates Under the covers Copyright © 2007 Lockstep Technologies Pty Ltd

12 Copyright © 2007-08 Lockstep Technologies Pty Ltd Stephen Wilson Lockstep Technologies swilson@lockstep.com.au +61 (0)414 488 851

Download ppt "Copyright © 2007-08 Lockstep Technologies Pty Ltd Lockstep Stepwise Introduction to de-identification solution Stephen Wilson Lockstep Technologies Pty."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.

© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.
AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.

AFCEA TechNet Europe Identity and Authentication Management Systems for Access Control Security IDENTITY MANAGEMENT Good Afternoon! Since Yesterday we.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Zenith Visa Web Acquiring A quick over view. Web Acquiring Allows merchants to receive payments for goods and services through the Internet Allows customers.

Zenith Visa Web Acquiring A quick over view. Web Acquiring Allows merchants to receive payments for goods and services through the Internet Allows customers.
Approved Person for e-Insurance Account PROCESS GLOBAL FINSOL PRIVATE LIMITED { Erstwhile TEAM LIFE CARE COMPANY (I) PVT. LTD }

Approved Person for e-Insurance Account PROCESS GLOBAL FINSOL PRIVATE LIMITED { Erstwhile TEAM LIFE CARE COMPANY (I) PVT. LTD }
Chapter 6 E-commerce Payment Systems. Traditional Payment Systems Cash Checking Transfers Credit Card Accounts Stored Value Accounts Accumulating Balance.

Chapter 6 E-commerce Payment Systems. Traditional Payment Systems Cash Checking Transfers Credit Card Accounts Stored Value Accounts Accumulating Balance.
Bringing HIPAA to Hospital Systems HIPAA impact on hospital systems viaMD solution for HIPAA compliance W e b e n a b l i n g Pa t i e n t A d m i t t.

Bringing HIPAA to Hospital Systems HIPAA impact on hospital systems viaMD solution for HIPAA compliance W e b e n a b l i n g Pa t i e n t A d m i t t.
Claudia Diaz, Hannelore Dekeyser, Markulf Kohlweiss, Girma Nigusse K.U.Leuven IDIS Workshop 29/05/2008 [Work done in the context of the ADAPID project]

Claudia Diaz, Hannelore Dekeyser, Markulf Kohlweiss, Girma Nigusse K.U.Leuven IDIS Workshop 29/05/2008 [Work done in the context of the ADAPID project]
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Information Assurance Management Key Escrow Digital Cash Week 12-1.

Information Assurance Management Key Escrow Digital Cash Week 12-1.
1. 2 Someone steals your personal information to commit fraud. A “buy now, pay never” shopping experience. What is Identity Theft?

1. 2 Someone steals your personal information to commit fraud. A “buy now, pay never” shopping experience. What is Identity Theft?
Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.

Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.
Department of Labor HSPD-12

Department of Labor HSPD-12
Public Key Superstructure It’s PKI Jim, but not as we know it! 7 th Annual “IDtrust” Symposium 5 March 2008, Gaithersburg MD, USA Stephen Wilson Lockstep.

Public Key Superstructure It’s PKI Jim, but not as we know it! 7 th Annual “IDtrust” Symposium 5 March 2008, Gaithersburg MD, USA Stephen Wilson Lockstep.
SOLVE THE PROBLEM OF IDENTITY THEFT An online, real-time solution for KYC, POPI, RICA and FICA compliance May 2015 www.fidescloud.co.za.

SOLVE THE PROBLEM OF IDENTITY THEFT An online, real-time solution for KYC, POPI, RICA and FICA compliance May
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
Why Comply with PCI Security Standards?

Why Comply with PCI Security Standards?

Similar presentations

Ads by Google